From 0be747a483a001ef5f8b47ea9b14a0920302ede5 Mon Sep 17 00:00:00 2001
From: Darko Gjorgjijoski <dg@darkog.com>
Date: Thu, 2 Apr 2026 16:14:14 +0200
Subject: [PATCH] Pin axios to 1.14.0

Avoid possible supply chain attacks in future caused by compromised
author account or even rogue author.
---
 package.json | 2 +-
 yarn.lock    | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/package.json b/package.json
index b218ee54..a04e7dda 100644
--- a/package.json
+++ b/package.json
@@ -38,7 +38,7 @@
     "@vuelidate/core": "^2.0.3",
     "@vuelidate/validators": "^2.0.4",
     "@vueuse/core": "^12.4.0",
-    "axios": "^1",
+    "axios": "1.14.0",
     "chart.js": "^2.9.4",
     "guid": "^0.0.12",
     "laravel-vite-plugin": "^3.0.0",
diff --git a/yarn.lock b/yarn.lock
index 4181a7f1..5fc11a91 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -734,7 +734,7 @@ asynckit@^0.4.0:
   resolved "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz"
   integrity sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==
 
-axios@^1:
+axios@1.14.0:
   version "1.14.0"
   resolved "https://registry.npmjs.org/axios/-/axios-1.14.0.tgz"
   integrity sha512-3Y8yrqLSwjuzpXuZ0oIYZ/XGgLwUIBU3uLvbcpb0pidD9ctpShJd43KSlEEkVQg6DS0G9NKyzOvBfUtDKEyHvQ==